security
Browse posts in this collection.
A look at the human presence detection sensor in the Lenovo ThinkPad X1 Carbon (Gen 9)
I explored how my ThinkPad X1 Carbon automatically locks and unlocks based on my presence, discovering that the feature relies on Novelda’s ultra-wideband sensor rather than standard Windows Hello facial recognition. By investigating the technology behind this seamless experience, I reveal how this hidden hardware component works to enhance convenience and security without requiring a camera.
An early look at the EU Data Boundary
If you conduct business in the EU or EFTA area, you need to understand how Microsoft’s newly announced EU Data Boundary affects your data residency and compliance. I explore what this commitment means for Azure, Dynamics 365, and other services, clarifying that it is a documented process rather than a new tool, and highlighting why your data may still leave the region despite specific configurations.
Another new adventure begins now - meet Not Bad Security!
I’m excited to announce the launch of Not Bad Security, a new venture focused exclusively on Microsoft 365 and Azure security alongside my co-founder Antti Kujamäki. We are addressing complex cloud security challenges through five new remote workshops and a "Security Architect as a Service" subscription, designed to deliver tangible results without unnecessary upsells.
Becoming passwordless in Microsoft 365 using Surface Go and a FIDO2 key
Discover how I leveraged my underutilized Surface Go to experiment with Microsoft 365’s new passwordless preview, replacing traditional passwords with a more secure FIDO2 security key. This post details my practical approach to setting up this modern authentication method on a Windows 10 Pro device, demonstrating how to transition away from password-based logins using hardware tokens like YubiKey.
Best Practice: Create a break-glass admin account
You might find this post valuable if you want to ensure you never lose access to your Microsoft cloud tenants during a critical identity failure. I explain the urgent need for a dedicated, cloud-only break-glass admin account and outline the specific security configurations required to keep it resilient against infrastructure outages. By following these best practices, you can safeguard your emergency access while maintaining robust protection against unauthorized use.
Jussi Roine
Microsoft MVP and consultancy founder with 30+ years of experience, passionate about Microsoft security, AI governance, and sharing what I learn along the way.